CVE-2016-8938

🗓️ 01 Feb 2017 22:00:00Reported by ibmType

IBM UrbanCode Deploy allows code execution via crafted file uploads

Reporter	Title	Published	Views	Family All 8
IBM Security Bulletins	Security Bulletin: Remote code execution possible due to insecure REST endpoint (CVE-2016-8938)	17 Jun 201822:33	–	ibm
BDU FSTEC	The vulnerability of the software for automating the deployment of IBM UrbanCode Deploy (UCD) applications, related to lack of access control, allows a perpetrator to execute arbitrary code.	7 Dec 201700:00	–	bdu_fstec
CNVD	IBM UrbanCode Deploy Remote Code Execution Vulnerability	6 Jan 201700:00	–	cnvd
Cvelist	CVE-2016-8938	1 Feb 201722:00	–	cvelist
EUVD	EUVD-2016-9763	7 Oct 202500:30	–	euvd
NVD	CVE-2016-8938	1 Feb 201722:59	–	nvd
OpenVAS	IBM UrbanCode Deploy Multiple Vulnerabilities	3 Feb 201700:00	–	openvas
Prion	Design/Logic Flaw	1 Feb 201722:59	–	prion

NVD

Vulners

Node

ibm urbancode_deployMatch6.0

ibm urbancode_deployMatch6.0.1

ibm urbancode_deployMatch6.0.1.1

ibm urbancode_deployMatch6.0.1.2

ibm urbancode_deployMatch6.0.1.3

ibm urbancode_deployMatch6.0.1.4

ibm urbancode_deployMatch6.0.1.5

ibm urbancode_deployMatch6.0.1.6

ibm urbancode_deployMatch6.0.1.7

ibm urbancode_deployMatch6.0.1.8

ibm urbancode_deployMatch6.0.1.9

ibm urbancode_deployMatch6.0.1.10

ibm urbancode_deployMatch6.0.1.11

ibm urbancode_deployMatch6.0.1.12

ibm urbancode_deployMatch6.0.1.13

ibm urbancode_deployMatch6.0.1.14

ibm urbancode_deployMatch6.1

ibm urbancode_deployMatch6.1.0.1

ibm urbancode_deployMatch6.1.0.2

ibm urbancode_deployMatch6.1.0.3

ibm urbancode_deployMatch6.1.0.4

ibm urbancode_deployMatch6.1.1

ibm urbancode_deployMatch6.1.1.1

ibm urbancode_deployMatch6.1.1.2

ibm urbancode_deployMatch6.1.1.3

ibm urbancode_deployMatch6.1.1.4

ibm urbancode_deployMatch6.1.1.5

ibm urbancode_deployMatch6.1.1.6

ibm urbancode_deployMatch6.1.1.7

ibm urbancode_deployMatch6.1.1.8

ibm urbancode_deployMatch6.1.2

ibm urbancode_deployMatch6.1.3

ibm urbancode_deployMatch6.1.3.1

ibm urbancode_deployMatch6.1.3.2

ibm urbancode_deployMatch6.1.3.3

ibm urbancode_deployMatch6.2.0.0

ibm urbancode_deployMatch6.2.0.1

ibm urbancode_deployMatch6.2.0.2

ibm urbancode_deployMatch6.2.1

ibm urbancode_deployMatch6.2.1.1

ibm urbancode_deployMatch6.2.2

ibm urbancode_deployMatch6.2.2.1

[
  {
    "product": "UrbanCode Deploy",
    "vendor": "IBM Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "6.1.0.2"
      },
      {
        "status": "affected",
        "version": "6.0"
      },
      {
        "status": "affected",
        "version": "6.0.1"
      },
      {
        "status": "affected",
        "version": "6.0.1.1"
      },
      {
        "status": "affected",
        "version": "6.0.1.2"
      },
      {
        "status": "affected",
        "version": "6.0.1.3"
      },
      {
        "status": "affected",
        "version": "6.0.1.4"
      },
      {
        "status": "affected",
        "version": "6.0.1.5"
      },
      {
        "status": "affected",
        "version": "6.0.1.6"
      },
      {
        "status": "affected",
        "version": "6.1"
      },
      {
        "status": "affected",
        "version": "6.1.0.1"
      },
      {
        "status": "affected",
        "version": "6.1.0.3"
      },
      {
        "status": "affected",
        "version": "6.0.1.7"
      },
      {
        "status": "affected",
        "version": "6.0.1.8"
      },
      {
        "status": "affected",
        "version": "6.1.0.4"
      },
      {
        "status": "affected",
        "version": "6.1.1"
      },
      {
        "status": "affected",
        "version": "6.1.1.1"
      },
      {
        "status": "affected",
        "version": "6.1.1.2"
      },
      {
        "status": "affected",
        "version": "6.1.1.3"
      },
      {
        "status": "affected",
        "version": "6.1.1.4"
      },
      {
        "status": "affected",
        "version": "6.1.1.5"
      },
      {
        "status": "affected",
        "version": "6.0.1.9"
      },
      {
        "status": "affected",
        "version": "6.1.1.6"
      },
      {
        "status": "affected",
        "version": "6.1.1.7"
      },
      {
        "status": "affected",
        "version": "6.1.2"
      },
      {
        "status": "affected",
        "version": "6.0.1.10"
      },
      {
        "status": "affected",
        "version": "6.0.1.11"
      },
      {
        "status": "affected",
        "version": "6.1.1.8"
      },
      {
        "status": "affected",
        "version": "6.1.3"
      },
      {
        "status": "affected",
        "version": "6.1.3.1"
      },
      {
        "status": "affected",
        "version": "6.2"
      },
      {
        "status": "affected",
        "version": "6.2.0.1"
      },
      {
        "status": "affected",
        "version": "6.0.1.12"
      },
      {
        "status": "affected",
        "version": "6.1.3.2"
      },
      {
        "status": "affected",
        "version": "6.2.0.2"
      },
      {
        "status": "affected",
        "version": "6.2.1"
      },
      {
        "status": "affected",
        "version": "6.0.1.13"
      },
      {
        "status": "affected",
        "version": "6.2.1.1"
      },
      {
        "status": "affected",
        "version": "6.0.1.14"
      },
      {
        "status": "affected",
        "version": "6.1.3.3"
      },
      {
        "status": "affected",
        "version": "6.2.1.2"
      },
      {
        "status": "affected",
        "version": "6.2.2"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/docview.wss
securityfocus	www.securityfocus.com/bid/95289

13 May 2026 00:24Current

9.4High risk

Vulners AI Score9.4

CVSS 310

CVSS 210

EPSS0.00768

CWE-284